Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » Tomcat Users »

Security Constraint

Xeth Waxman

2005-02-15

Replies:

I have a new servlet which I've created - whenever you try to access
this servlet, I get the security certificate dialog box (do you want
to accept this certificate). However, this application has no
security constraint in its web.xml file - I don't know why it's trying
to serve up a certificate. In addition, you have to click 'yes' on
the security dialog three times, as if it's trying to serve the
certificate three times in a row. And, in the end, it doesn't take
the user to a secur connection - it just takes them to the http:
connection I wanted to get to in the first place. I'm using Tomcat
5.5 - here's a copy of my very simple web.xml - if anyone has any
ideas, I'd appreciate it. I don't want to make this a secure site and
take on the added overhead just because I can't stop the stupid
certificate from popping up.

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<servlet>
  <servlet-name>ACHLogin</servlet-name>
  <servlet-class>com.gcc.achpayments.ACHLogin</servlet-class>
</servlet>
<servlet>
  <servlet-name>AddACHPayment</servlet-name>
  <servlet-class>com.gcc.achpayments.AddACHPayment</servlet-class>
</servlet>

<servlet-mapping>
  <servlet-name>ACHLogin</servlet-name>
  <url-pattern>/ACHLogin</url-pattern>
</servlet-mapping>
<servlet-mapping>
  <servlet-name>AddACHPayment</servlet-name>
  <url-pattern>/AddACHPayment</url-pattern>
</servlet-mapping>

<session-config>
  <session-timeout>30</session-timeout>
</session-config>

<welcome-file-list>
  <welcome-file>
     login.jsp
   </welcome-file>
  <welcome-file>
       index.jsp
    </welcome-file>
  <welcome-file>
       index.html
    </welcome-file>
  <welcome-file>
       index.htm
    </welcome-file>
</welcome-file-list>
</web-app>

--
Xeth Waxman
xwaxman@(protected)

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)

©2008 junlu.com - Jax Systems, LLC, U.S.A.